package cn.dlc.com.config;

import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;

import java.io.Serializable;

public class CustomPermissionEvaluator {

    /***
     *
     * @param authentication 这个就是登录之后的用户
     * @param targetUrl 表示的是当前权限的请求地址，比如/order/findAll这些
     * @param targetPermission 权限标志
     * @return
     */
    public boolean hasPermission(Authentication authentication, Object targetUrl, Object targetPermission) {

        // 获得loadUserByUsername()方法的结果
        Object principal = authentication.getPrincipal();
        if(principal != null && principal instanceof UserDetails) {
            UserDetails userDetails = (UserDetails) principal;

        }
        System.out.println("targetUrl：" + targetUrl);
        System.out.println("targetPermission：" + targetPermission);

        return true;

    }

    public boolean hasPermission(Authentication authentication, Serializable serializable, String s, Object o) {

        System.out.println("和我有什么关系？？？");

        return false;
    }
}
